Cyber Espionage and the Theft of U.S.

Intellectual Property and Technology

Testimony of Larry M. Wortzel
before the House of Representatives
Committee on Energy and Commerce Subcommittee on Oversight and Investigations
July 9, 2013
SUMMARY OF TESTIMONY
I will discuss the role of the People's Republic of China, its military and intelligence services, and its
industries in cyber espionage and the theft of U.S. intellectual property and technology. As a member of
the U.S.-China Economic and Security Review Commission, I will present some of the Commissions
findings on Chinas cyber espionage efforts, its policies and its goals in stealing technology and
intellectual property. The views I present today, however, are my own.
China is using its advanced cyber capabilities to conduct large-scale cyber espionage. China to date has
compromised a range of U.S. networks, including those of the Department of Defense (DOD), defense
contractors, and private enterprises. These activities are designed to achieve a number of broad security,
political, and economic objectives.
Chinas cyber espionage against the U.S. government and defense industrial bases poses a major threat to
U.S. military operations, the security and well-being of U.S. military personnel, the effectiveness of
equipment, and readiness. China apparently uses these intrusions to fill gaps in its own research
programs, map future targets, gather intelligence on U.S. strategies and plans, enable future military
operations, shorten research and development (R&D) timelines for military technologies, and identify
vulnerabilities in U.S. systems and develop countermeasures.1
Chinas cyber espionage against U.S. commercial firms poses a significant threat to U.S. business
interests and competiveness in key industries. General Keith Alexander, Director of the National Security
Agency and commander of U.S. Cyber Command, assessed that the financial value of these losses is
about $338 billion a year, including intellectual property losses and the down-time to respond to
penetrations, although not all those losses are to Chinese activity.2 Chinese entities engaging in cyber and
other forms of economic espionage likely conclude that stealing intellectual property and proprietary
information is much more cost-effective than investing in lengthy R&D programs.3 These thefts support
national science and technology development plans that are centrally managed and directed by the PRC
government.

U.S.-China Economic and Security Review Commission, 2012 Annual Report to Congress (Washington, DC: U.S
Government Printing Office, November 2012), p. 166.
2
Josh Rogin, NSA Chief: Cybercrime Consitutues the Greatest Transfer of Wealth in History, Foreign Policy: The
Cable, July 9, 2012,
http://thecable.foreignpolicy.com/posts/2012/07/09/nsa_chief_cybercrime_constitutes_the_greatest_transfer_of_wealt
h_in_history
3
Mike McConnell, Michael Chertoff, and William Lynn, Chinas Cyber Thievery is a National Policy And Must Be
Challenged, Wall Street Journal, January 27, 2012.
http://online.wsj.com/article/SB10001424052970203718504577178832338032176.html.

The Chinese government, including the PLA and the Ministry of State Security, supports these activities
by providing state-owned enterprises (SOEs) information and data extracted through cyber espionage to
improve their competitive edge, cut R&D timetables, and reduce costs. The strong correlation between
compromised U.S. companies and those industries designated by Beijing as strategic industries4 further
indicates a degree of state sponsorship, and likely even support, direction, and execution of Chinese
economic espionage.5 Such governmental support for Chinese companies enables them to out-compete
U.S. companies, which do not have the advantage of leveraging government intelligence data for
commercial gain.6
There is an urgent need for Washington to compel Beijing to change its approach to cyberspace and deter
future Chinese cyber theft. The Chinese government does not appear to be inclined to curb its cyber
espionage in any substantial way. Merely naming will not affect this centrally directed behavior.

The Commission on the Theft of Intellectual Property, The IP Commission Report, (Washington, DC: National
Bureau of Asian Research, May 2013), p. 12. http://ipcommission.org/report/IP_Commission_Report_052213.pdf.
5
U.S.-China Economic and Security Review Commission, 2012 Annual Report to Congress (Washington, DC: U.S
Government Printing Office, November 2012), p. 156.
6
In the late 1980s and early 90s a debate took place in Congress on whether the U.S. Intelligence Community (IC)
should share information and/or intelligence assets with U.S. companies to provide those companies an advantage
against foreign competitors. In 1991, Director of the Central Intelligence Agency Robert Gates, in a speech to the IC,
stated clearly that the CIA would limit itself to helping U.S. companies safeguard themselves from foreign intelligence
operations. Robert Gates, "The Future of American Intelligence, (Washington, DC: U.S. Intelligence Community,
December 4, 2011).

Cyber Espionage and the Theft of U.S. Intellectual Property and Technology
Testimony of Larry M. Wortzel
before the House of Representatives
Committee on Energy and Commerce Subcommittee on Oversight and Investigations
July 9, 2013
Chairman Murphy, Ranking Member DeGette, members of the Subcommittee, thank you for the
opportunity to testify today. I will discuss the role of the Peoples Republic of China, its military
and intelligence services, and its industries in cyber espionage and the theft of U.S. intellectual
property and technology. As a member of the U.S.-China Economic and Security Review
Commission, I will present some of the Commissions findings on Chinas cyber espionage
efforts, its policies and its goals in stealing technology and intellectual property. The views I
present today, however, are my own.

Chinas cyber espionage activities have been going on for a long time. In 2005, Time magazine
documented a series of intrusions into U.S. laboratories, including those of the Department of
Energy, that was called the Titan Rain intrusion set.1 Corporations often will not disclose cyber
penetrations and intellectual property theft because they fear retaliation from the Chinese
government, hope for future market access in China, fear the loss of consumer confidence, and
fear the loss of stock value.

Nathan Thornborough, The Invasion of the Chinese Cyberspies (and the man who tried to stop them): An Exclusive
Look at how the Hackers called TITAN RAIN are Stealing U.S. Secrets, Time Magazine, September 5, 2005
http://www.cs.washington.edu/education/courses/csep590/05au/readings/titan.rain.htm.

In Chinese military writings, cyberspace is an increasingly important component of Chinas

comprehensive national power, and a critical element of its strategic competition with the United
States.2 Beijing seems to recognize that the United States current advantages in cyberspace
allow Washington to collect intelligence, exercise command and control of military forces, and
support military operations. At the same time, Chinas leaders fear that the United States may
use the open Internet and cyber operations to threaten the Chinese Communist Partys (CCP)
legitimacy.

China is using its advanced cyber capabilities to conduct large-scale cyber espionage. To date,
China has compromised a range of U.S. networks, including those of the Department of Defense
(DOD), defense contractors, and private enterprises. These activities are designed to achieve a
number of broad security, political, and economic objectives.

China does not appear to have reduced its cyber effort against the United States despite recent
public exposure of Chinese cyber espionage in technical detail.3 When confronted with public
accusations from the United States about its cyber espionage, Beijing usually attempts to refute
evidence by pointing to the anonymity of cyberspace and the lack of verifiable technical forensic
data. It also shifts the media focus by portraying itself as the victim of Washingtons cyber
activities and calling for greater international cooperation on cyber security. 4 For example, in
response to DODs 2013 report to Congress, which indicated that China participates in cyber

Larry M. Wortzel, The Dragon Extends its Reach: Chinese Military Power Goes Global (Washington, DC: Potomac
Books, 2013), pp, 17, 41-41, 134, 145-148.
3
Dan Mcwhorter, APT1 Three Months Later Significantly Impacted, Though Active & Rebuilding, M-Unition (May
21, 2013). https://www.mandiant.com/blog/apt1-months-significantly-impacted-active-rebuilding/.
4
William C. Hannas, James Mulvenon, and Anna B. Puglisi, Chinese Industrial Espionage: Technology Acquisition
and Military Modernization, (London and New York: Routledge, 2013), p. 226.

espionage activities, Chinas Ministry of Foreign Affairs insisted China is strongly against any
form of hacking activities, and dismissed such charges as baseless.5

I believe that regardless of the evidence that is presented, Chinese Communist Party leaders will
continue to deny that the Peoples Liberation Army (PLA) and other government and
intelligence organizations are behind these penetrations. After all, this is the same party and
government that deny that anyone was killed in Tiananmen Square when the Chinese military
massacred about 2,500 people in June 1989.6

However, a number of public U.S. government reports, admissions by private companies that
they have been the target of cyber espionage, investigations by cyber security firms, and U.S.
press reports contradict Beijings longstanding denials. There is now evidence that the Chinese
government not only is encouraging and shaping these attacks, but also directing and executing
them. While attribution is difficult and takes great skill, trend analysis is allowing cyber security
professionals to develop a more comprehensive understanding of Chinese cyber actors, tools,
tactics, techniques, and procedures.

Threats to U.S. National Security

Chinas cyber espionage against the U.S. government and defense industrial base poses a major
threat to U.S. military operations, the security and well-being of U.S. military personnel, the

Don Lee, China Dismisses U.S. Accusations of Cyber-Spying, The Los Angeles Times, May 07, 2013.
http://articles.latimes.com/2013/may/07/world/la-fg-wn-china-us-cyber-spying-20130507.
6
Larry M. Wortzel, The Tiananmen Massacre Reappraised: Public Protest, Urban Warfare, and the Peoples
Liberation Army, in Andrwe Scobell and Larry M. Wortzel, eds., Chinese National Decisionmaking Under Stress
(Carlisle,PA: Strategic Studies Institute, 2005), pp. 55-84.

effectiveness of equipment, and readiness. China apparently uses these intrusions to fill gaps in
its own research programs, map future targets, gather intelligence on U.S. strategies and plans,
enable future military operations, shorten research and development (R&D) timelines for
military technologies, and identify vulnerabilities in U.S. systems and develop countermeasures. 7

Military doctrine in China also calls for attacks on the critical infrastructure of an opponents
homeland in case of conflict, which explains some of the Chinese cyber penetrations in the U.S.8
One senior researcher at the Chinese Academy of Science said that in wartime, cyber warfare
may disrupt and damage the networks of infrastructure facilities, such as power systems,
telecommunications systems, and education systems in a country. Other PLA strategists have
suggested that China should have the capability to paralyze ports and airports by cyber or
precision weapon attacks on critical infrastructure.9

A number of instances of Chinese cyber espionage targeting U.S. national security programs
have been identified in recent years:

In a 2012 report to Congress on Chinas military power, DOD stated its networks are
targeted about 50,000 times per year.10 Although China is not responsible for all of these
attacks, DOD has said China poses the dominant threat to its networks.11 In its 2013
annual report to Congress, DOD for the first time explicitly accused China of committing

U.S.-China Economic and Security Review Commission, 2012 Annual Report to Congress (Washington, DC: U.S
Government Printing Office, November 2012), p. 166.
8
Wortzel, The Dragon Extends its Reach, 142-145.
9
Ibid., 145.
10
U.S.-China Economic and Security Review Commission, 2012 Annual Report to Congress (Washington, DC: U.S
Government Printing Office, November 2012), p. 154.
11
U.S.-China Economic and Security Review Commission, 2012 Annual Report to Congress (Washington, DC: U.S
Government Printing Office, November 2012), p. 155.

cyber espionage. The report states China is using cyber operations to support
intelligence collection against the U.S. diplomatic, economic, and defense industrial base
sectors.12

In 2012, the National Aeronautics and Space Administration (NASA) disclosed a cyber
intrusion into NASAs Jet Propulsion Laboratory network originating from China-based
Internet protocol (IP) addresses. According to NASA, the intruders gained full,
functional control over the network, enabling them to copy, delete, or modify sensitive
files; manipulate user accounts for mission-critical systems; and steal user credentials to
access other NASA systems.13

A number of U.S. press reports indicate that since as early as 2007 Chinese cyber
operators have repeatedly infiltrated the networks of the F-35 Joint Strike Fighters major
contractors Lockheed Martin, Northrop Grumman, and BAE Systems and stolen
aspects of its design plans.14 Some experts, noting the resemblance between Chinas
newest stealth fighter, the J-31, and the F-35, have suggested the J-31 was developed
using F-35 design plans.15

12

Office of the Secretary of Defense, Annual Report to Congress: Military and Security Developments Involving the
Peoples Republic of China 2013 (Washington, DC: Department of Defense, 2013), p. 36.
13
House Committee on Science, Space, and Technology Subcommittee on Investigations and Oversight, Hearing on
NASA Cybersecurity: An Examination of the Agencys Information Security, testimony of Inspector General Paul K.
th
nd
Martin, 112 Cong., 2 sess., February 29, 2012.
http://oig.nasa.gov/congressional/FINAL_written_statement_for_%20IT_%20hearing_February_26_edit_v2.pdf.
14
U.S.-China Economic and Security Review Commission, 2012 Annual Report to Congress (Washington, DC: U.S
Government Printing Office, November 2012), p. 155.
15
Trefor Moss, Chinas Stealth Attack on the F-35, The Diplomat, September 27, 2012.
http://thediplomat.com/flashpoints-blog/2012/09/27/the-fake-35-chinas-new-stealth-fighter/.

U.S. press reporting indicates that, beginning in 2007, Chinese cyber actors appear to
have infiltrated the networks of QinetiQ, a defense contractor specializing in military
robotics, satellites, and combat helicopter technology. Undetected for several years, the
hackers stole millions of pages of sensitive research documents, and used QinetiQ as a
back door into U.S. military networks. In 2012, the PLA released a bomb disposal robot
with characteristics similar to one of QinetiQs designs.16

In May 2013, The New York Times, citing a classified report by the Defense Science
Board, stated that over several years Chinese cyber actors have compromised the designs
of more than fifty sensitive U.S. technologies and advanced weapons systems, including
the Patriot missile system, Aegis ballistic missile defense system, V-22 Osprey, F/A-18
fighter, and Littoral Combat Ship.17

Threats to U.S. Industry

Chinas cyber espionage against U.S. commercial firms poses a significant threat to U.S.
business interests and competiveness in key industries. General Keith Alexander, commander of
U.S. Cyber Command, assessed that the financial value of these losses is about $338 billion a
year, including intellectual property losses and the down-time to respond to penetrations,

16

Michael Riley and Ben Elgin, Chinas Cyberspies Outwit Model for Bonds Q, Bloomberg, May 2, 2013.
http://www.bloomberg.com/news/2013-05-01/china-cyberspies-outwit-u-s-stealing-military-secrets.html.
17
Ellen Nakashima, Confidential Report Lists U.S. Weapons System Designs Compromised by Chinese
Cyberspies, New York Times, May 27, 2013. http://www.washingtonpost.com/world/national-security/confidentialreport-lists-us-weapons-system-designs-compromised-by-chinese-cyberspies/2013/05/27/a42c3e1c-c2dd-11e28c3b-0b5e9247e8ca_story.html#.

although not all those losses are to Chinese activity.18 Chinese entities engaging in cyber and
other forms of economic espionage likely conclude that stealing intellectual property and
proprietary information is much more cost-effective than investing in lengthy R&D programs.19
These thefts support national science and technology development plans that are centrally
managed and directed by the PRC government.

The Chinese government, including the PLA and the Ministry of State Security, supports these
activities by providing state-owned enterprises (SOEs) information and data extracted through
cyber espionage to improve their competitive edge, cut R&D timetables, and reduce costs. The
strong correlation between compromised U.S. companies and those industries designated by
Beijing as strategic industries20 further indicates a degree of state sponsorship, and likely even
government support, direction, and execution of Chinese economic espionage.21 Such
governmental support for Chinese companies enables them to out-compete U.S. companies,
which do not have the advantage of leveraging government intelligence data for commercial
gain.22

18

Josh Rogin, NSA Chief: Cybercrime Consitutues the Greatest Transfer of Wealth in History, Foreign Policy: The
Cable, July 9, 2012,
http://thecable.foreignpolicy.com/posts/2012/07/09/nsa_chief_cybercrime_constitutes_the_greatest_transfer_of_wealt
h_in_history
19
Mike McConnell, Michael Chertoff, and William Lynn, Chinas Cyber Thievery is a National Policy And Must Be
Challenged, Wall Street Journal, January 27, 2012.
http://online.wsj.com/article/SB10001424052970203718504577178832338032176.html.
20
The Commission on the Theft of Intellectual Property, The IP Commission Report, (Washington, DC: National
Bureau of Asian Research, May 2013), p. 12. http://ipcommission.org/report/IP_Commission_Report_052213.pdf.
21
U.S.-China Economic and Security Review Commission, 2012 Annual Report to Congress (Washington, DC: U.S
Government Printing Office, November 2012), p. 156.
22
In the late 1980s and early 1990s a debate took place in Congress on whether the U.S. Intelligence Community
(IC) should share information and/or intelligence assets with U.S. companies to provide those companies an
advantage against foreign competitors. In 1991, Director of the Central Intelligence Agency Robert Gates, in a
speech to the IC, stated clearly that the CIA would limit itself to helping U.S. companies safeguard themselves from
foreign intelligence operations. Robert Gates, "The Future of American Intelligence, (Washington, DC: U.S.
Intelligence Community, December 4, 2011).

It is difficult to quantify the benefits Chinese firms gain from cyber espionage. We dont know
everything about the kinds of information targeted and taken, nor do we always attribute theft to
a specific Chinese actor. Some thefts may never be detected. In terms of business intelligence,
some targets of cyber-theft likely include information related to negotiations, investments, and
corporate strategies including executive emails, long-term business plans, and contracts. In
addition to cyber-theft, Chinese companies almost certainly are acquiring information through
traditional espionage activities, which limits our ability to identify the impact of cyber espionage
in particular. Nevertheless, it is clear that China not only is the global leader in using cyber
methods to steal intellectual property, but also accounts for the majority of global intellectual
property theft.23 Chinese actors have on several occasions in recent years leveraged cyber
activities to gain sensitive or proprietary information from U.S. enterprises:

In June 2013, the Department of Justice filed charges against a Chinese energy firm,
Sinovel Wind Group, alleging it stole secrets from AMSC (previously American
Superconductor Corporation). In 2005, the two companies partnered together, leveraging
AMSCs high-technology components and Sinovels specialization in low-cost
manufacturing. Once Sinovel was able to reproduce AMSCs technology after stealing its
proprietary source codes, the Chinese firm broke the partnership, cancelled existing
orders, and devastated AMSC revenue. AMSC later filed several lawsuits in Chinese
courts, where Sinovels assets are located. While the case continues to move slowly

23

The Commission on the Theft of American Intellectual Propoerty, The IP Commission Report (Washington, DC:
May 2013), pp. 3, 18. http://www.ipcommission.org/report/IP_Commission_Report_052213.pdf.

through the Chinese legal system, adding to AMSCs legal fees, Sinovel is reaping the
profits of stolen technology.24

In 2013, Mandiant, a private cyber-security firm, provided detailed technical information

tracing the activities of a known cyber threat group, APT1, to a building believed to
house the PLAs 2nd Bureau of the General Staff Departments Third Department.
According to Mandiant, the Third Department is responsible for conducting at least some
of the PLAs computer network operations. Since 2006, the Third Departments
Shanghai-based 2nd Bureau committed at least 141 network intrusions across fifteen
countries and twenty major industries, from information technology to financial services.
81 percent of the victims were organizations either located in the United States or with
U.S.-based headquarters. Mandiant concludes the unit receives direct government
support. 25

Aside from its 2nd Bureau in Shanghai, the PLA Third department has another eleven
operational bureaus, three research institutes, four operations centers, and sixteen
technical reconnaissance units in military regions with operational forces.26 Not all of
these are directing their actions against the United States, and there are no public reports
available about what cyber espionage they may have conducted like the Mandiant report
about the 2nd Bureau.

24

Melanie Hart, Criminal Charges Mark New Phase in Bellweather U.S.-China Intellectual Property Dispute, Center
for American Progress, June 27, 2013.
http://www.americanprogress.org/issues/china/news/2013/06/27/68339/criminal-charges-mark-new-phase-inbellwether-u-s-china-intellectual-property-dispute/.
25
Mandiant, APT1: Exposing One of Chinas Cyber Espionage Units, February 2013, pp. 22-23.
http://intelreport.mandiant.com/Mandiant_APT1_Report.pdf.
26
United States Department of Defense, Directory of PRC Military Personalities (Washington, DC: Defense
Intelligence Agency, March 2013), passim.

In an October 2011 report, the U.S. Office of the National Counterintelligence Executive
(ONCIX) linked multiple cyber intrusions and instances of intellectual property theft to
Chinese individuals or China-based computer systems. The report concludes the
growing interrelationships between Chinese and U.S. companieswill offer Chinese
government agencies and businesses increasing opportunities to collect sensitive U.S.
economic information.27

In 2011, McAfee, a U.S.-based internet security firm, detailed a series of covert and
targeted cyber [attacks], dubbed Night Dragon. Originating primarily from servers in
China, Night Dragon targeted oil, energy, and petrochemical companies in the United
States and other countries, ultimately gaining access to executive accounts and highly
sensitive documents over several years.28

Also in 2011, McAfee detailed the activities of Operation Shady RAT, a cyber actor
that compromised data from 49 U.S. entities, including defense contractors, energy
companies, real estate companies, and information and communications technology
firms, among others.29 Following the publication of McAfees report, several security
experts asserted that Operation Shady RAT was a Chinese government operation.30

27

Office of the National Counterintelligence Executive, Foreign Spies Stealing US Economic Secrets in Cyberspace:
Report to Congress on Foreign Economic Collection and Industrial Espionage, 2009-2011, (Washington DC: October
2011), http://www.ncix.gov/publications/reports/fecie_all/Foreign_Economic_Collection_2011.pdf.
28
McAfee, White Paper: Global Energy Cyberattacks: Night Dragon (Santa Clara, CA: McAfee Foundstone
Professional Services and McAfee Labs, February 10, 2011), p. 4. http://www.mcafee.com/us/resources/whitepapers/wp-global-energy-cyberattacks-night-dragon.pdf.
29
Dmitri Alperovich, Revealed: Operation Shady RAT (Santa Clara, CA: McAfee, August 2011).
http://www.mcafee.com/us/resources/white-papers/wp-operation-shady-rat.pdf.
30
Laura Saporito and James A. Lewis, Cyber Incidents Attributed to China, Center for Strategic and International
Studies. http://csis.org/files/publication/130314_Chinese_hacking.pdf.

10

The PLA in 2009 may have conducted a spearphishing campaign against the CocaCola Corporation. The alleged attack coincided with Coca-Colas attempts to acquire
China Huiyuan Juice Group for $2.4 billion, which would have been the largest foreign
takeover of a Chinese company. Hackers gained access to sensitive corporate documents,
presumably targeting Coca-Colas negotiation strategy. Shortly after the FBI informed
Coca-Cola that its network was compromised, the acquisition collapsed.31

Outlook

There is an urgent need for Washington to compel Beijing to change its approach to cyberspace
and deter future Chinese cyber theft. The Chinese government does not appear to be inclined to
curb its cyber espionage in any substantial way. Merely naming perpetrators will not affect this
centrally directed behavior.

Later this week, the U.S.-China Economic and Security Review Commission will hold a
roundtable with leaders in the cyber security field to explore a range of potential Congressional
actions and policies, including the following:

Expose Chinas illicit behavior in cyberspace and present detailed evidence of Chinese
cyber espionage. Jason Healey, director of the Cyber Statecraft Initiative at the Atlantic

31

David E. Sanger et al., Chinese Army Unit Is Seen as Tied to Hacking Against U.S., New York Times, February
19, 2013. http://www.nytimes.com/2013/02/19/technology/chinas-army-is-seen-as-tied-to-hacking-againstus.html?hp&_r=0&pagewanted=all; Ben Elgin et al., Coke Gets Hacked and Doesnt Tell Anyone, Bloomberg,
November 4, 2012. http://www.bloomberg.com/news/2012-11-04/coke-hacked-and-doesn-t-tell.html.

11

Council, recently suggested that the U.S. government should task the intelligence
community to release periodic reports detailing Chinese espionage.32

Link Chinese economic espionage to trade restrictions and bilateral issues in which
Beijing seeks compromises from Washington. The Deter Cyber Theft Act (S. 884), a bipartisan bill recently introduced in the U.S. Senate, would allow the President to restrict
the import of specific goods in order to protect intellectual property rights and DOD
supply chains, and require further study of foreign industrial espionage.

Encourage the U.S. government, military, and cleared defense contractors to implement
measures to reduce the effectiveness of Chinese cyber operations and increase the risk of
conducting such operations for Chinese organizations. For example, measures such as
meta-tagging, watermarking, and beaconing33 can help identify sensitive information
and code a digital signature within a file to better detect intrusion and removal. 34 These
tags also might be used as evidence in criminal, civil, or trade proceedings to prove that
data was stolen.

Continue or expand bilateral cooperation with China on credit card and bank crime.

32

Jason Healey, How the U.S. Should Respond to Chinese Cyberespionage, New Atlanticist Policy and Analysis
Blog, Atlantic Council, February 25, 2013. http://www.acus.org/new_atlanticist/how-us-should-respond-chinesecyberespionage.
33
The Commission on the Theft of Intellectual Property, The IP Commission Report (Washington, DC: National
Bureau of Asian Research, May 2013), p. 81.
http://www.ipcommission.org/report/IP_Commission_Report_052213.pdf.
34
Cisco, Data Loss Prevention, http://www.cisco.com/en/US/netsol/ns895/index.html.

12

Prohibit Chinese firms using stolen U.S. intellectual property from accessing U.S.
financial markets. As recommended by the Commission on the Theft of Intellectual
Property in its 2013 report, the U.S. Secretary of the Treasury and Secretary of
Commerce could be empowered to deny the use of the American banking system to
foreign companies that repeatedly benefit from the misappropriation of American
intellectual property.35

Prosecute or punish firms that benefit from cyber-theft, regardless of whether or not they
are involved in specific cyber espionage. Companies may not be willing to cooperate
with Chinese cyber actors if it means risking civil and criminal litigation and frozen
assets.36

My personal view is that the President already has an effective tool that he has not used. General
Alexander put the annual cost of cyber theft at $338 billion a year. To put that number in
perspective, a new Gerald R. Ford- class aircraft carrier costs about $12 billion. Given the
magnitude of these losses, the President could employ his authority under the International
Emergency Economic Power Enhancement Act (IEEPA, 50 USC 1701, PL 110-96) to declare
that the cyber-enabled theft of intellectual property represents an extraordinary threat to the
national securityor economy of the United States.

35

The Commission on the Theft of Intellectual Property, The IP Commission Report (Washington, DC: National
Bureau of Asian Research, May 2013), p. 66.
http://www.ipcommission.org/report/IP_Commission_Report_052213.pdf.
36
Stewart Baker, The Attribution Revolution, Foreign Policy, June 17, 2013.
http://www.foreignpolicy.com/articles/2013/06/17/the_attribution_revolution_plan_to_stop_cyber_attacks?page=full.

13

Under this declaration, the President, in consultation with Congress, may investigate, regulate,
and freeze transactions and assets, as well as block imports and exports in order to address the
threat of cyber theft and espionage. While this authority has traditionally been employed to
combat international financing of terrorist organizations and the proliferations of weapons of
mass destruction, there is no statutory limitation that prevents the President from applying the
IEEPA to cyber espionage issues.37

This committees job is made harder by the reluctance of companies to admit that cyber theft has
taken place. The government and industry must work more closely to detect cyber penetrations
and to respond. No interagency effort can monitor intrusions on every corporate network. But the
government and industry can do better at detecting and responding to cyber theft.

Thank you for the opportunity to appear today. I am happy to respond to any questions you may
have.

37

50 U.S.C. 1701. http://uscode.house.gov/download/pls/50C35.txt.

14